General

  • Target

    e1475c8d8760880e5d874a7bacb983cedda7691e507f7b1f89269333063239cc

  • Size

    12.2MB

  • Sample

    241025-ck6scaserd

  • MD5

    b4a7565f5fe7f3fa54fa55734c050695

  • SHA1

    cb059c204ec0c030e29d41cddc7bc7e96a552b20

  • SHA256

    e1475c8d8760880e5d874a7bacb983cedda7691e507f7b1f89269333063239cc

  • SHA512

    72591ddf64e0d14dbb717ebeaf12feb559e49309541ab7035b3ea3f3005e25a8533a934764cc1bd6befe820c3e8d8371e356f68de3aee6a67f1e1b7d7f9e61ae

  • SSDEEP

    98304:kmCvsKdBHCa5b2MGm76yqmstR16ZcTLpJMvbqyxIJfJu0K7nB:ysKdBHCa5b2MGm765miRciJyxgRu0Mn

Malware Config

Extracted

Family

cryptbot

Targets

    • Target

      e1475c8d8760880e5d874a7bacb983cedda7691e507f7b1f89269333063239cc

    • Size

      12.2MB

    • MD5

      b4a7565f5fe7f3fa54fa55734c050695

    • SHA1

      cb059c204ec0c030e29d41cddc7bc7e96a552b20

    • SHA256

      e1475c8d8760880e5d874a7bacb983cedda7691e507f7b1f89269333063239cc

    • SHA512

      72591ddf64e0d14dbb717ebeaf12feb559e49309541ab7035b3ea3f3005e25a8533a934764cc1bd6befe820c3e8d8371e356f68de3aee6a67f1e1b7d7f9e61ae

    • SSDEEP

      98304:kmCvsKdBHCa5b2MGm76yqmstR16ZcTLpJMvbqyxIJfJu0K7nB:ysKdBHCa5b2MGm765miRciJyxgRu0Mn

    • CryptBot

      CryptBot is a C++ infostealer that is widely distributed bundled with other software.

    • Uses browser remote debugging

      Can be used to control the browser and steal sensitive information such as credentials and session cookies.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks